This library provides well-tested Python CFFI bindings for libsecp256k1, the heavily optimized C library used by Bitcoin Core for operations on elliptic curve secp256k1.

• Fastest available implementation (more than 10x faster than OpenSSL)
• Clean, easy to use API
• Frequent updates from libsecp256k1 master
• Linux, macOS, and Windows all have binary packages for both 64 and 32-bit architectures
• Linux & macOS use GMP for faster computation
• Deterministic signatures via RFC 6979
• Non-malleable signatures (lower-S form) by default
• Secure, non-malleable ECDH implementation
• Implements a fix for https://bugs.python.org/issue28150 to support Python 3.6+ on macOS

• ethereum/pyethereum
• ethereum/py-evm
• ethereum/pydevp2p
• ethereum/eth-keys
• raiden-network/raiden
• raiden-network/microraiden
• raiden-network/raiden-contracts
• golemfactory/golem
• golemfactory/golem-messages
• JoinMarket
• PeerAssets/pypeerassets
• bit
• btcrecover
• crankycoin

Coincurve is distributed on PyPI and is available on Linux/macOS and Windows and supports Python 2.7/3.5+ and PyPy3.5-v5.8.1+.

$ pip install coincurve

If you are on a system that doesn't have a precompiled binary wheel (e.g. FreeBSD) then pip will fetch source to build yourself. You must have the necessary packages.

On Debian/Ubuntu for example the necessary packages are:

• build-essential
• automake
• pkg-config
• libtool
• libffi-dev
• libgmp-dev

Coincurve provides a simple API.

verify_signature(signature, message, public_key, hasher=sha256, context=GLOBAL_CONTEXT)

Verifies some message was signed by the owner of a public key.

• Parameters:

  • signature (bytes) - The signature to verify.
  • message (bytes) - The message that was supposedly signed.
  • public_key (bytes) - A public key in compressed or uncompressed form.
  • hasher - The hash function to use, can be None. hasher(message) must return 32 bytes.
  • context (coincurve.Context)

• Returns: bool

All instances have a public_key of type coincurve.PublicKey

PrivateKey(secret=None, context=GLOBAL_CONTEXT)

• Parameters:

  • secret (bytes) - The secret to use.
  • context (coincurve.Context)

Methods:

classmethod from_hex(hexed, context=GLOBAL_CONTEXT)

classmethod from_int(num, context=GLOBAL_CONTEXT)

classmethod from_pem(pem, context=GLOBAL_CONTEXT)

classmethod from_der(der, context=GLOBAL_CONTEXT)

sign(message, hasher=sha256, custom_nonce=None)

• Parameters:

  • message (bytes) - The message to sign.
  • hasher - The hash function to use, can be None. hasher(message) must return 32 bytes.
  • custom_nonce - A tuple of arity 2 in the form of (nonce_fn, nonce_data). Refer to: secp256k1.h

• Returns: bytes. 68 <= len(signature) <= 71

sign_recoverable(message, hasher=sha256)

• Parameters:

  • message (bytes) - The message to sign.
  • hasher - The hash function to use, can be None. hasher(message) must return 32 bytes.

• Returns: bytes

ecdh(public_key)

Computes a Diffie-Hellman secret in constant time. Note: This prevents malleability by returning sha256(x) instead of the x coordinate directly. See ofek#9.

• Parameters:

  • public_key (bytes) - Another party's public key in compressed or uncompressed form.

• Returns: bytes

add(scalar, update=False)

• Parameters:

  • scalar (bytes) - The scalar to add.
  • update (bool) - If True, will update and return self.

• Returns: coincurve.PrivateKey

multiply(scalar, update=False)

• Parameters:

  • scalar (bytes) - The scalar to multiply.
  • update (bool) - If True, will update and return self.

• Returns: coincurve.PrivateKey

to_hex()

to_int()

to_pem()

to_der()

PublicKey(data, context=GLOBAL_CONTEXT)

• Parameters:

  • data (bytes) - The public key in compressed or uncompressed form.
  • context (coincurve.Context)

Methods:

classmethod from_secret(secret, context=GLOBAL_CONTEXT)

classmethod from_valid_secret(secret, context=GLOBAL_CONTEXT)

classmethod from_point(x, y, context=GLOBAL_CONTEXT)

classmethod from_signature_and_message(serialized_sig, message, hasher=sha256, context=GLOBAL_CONTEXT)

classmethod combine_keys(public_keys, context=GLOBAL_CONTEXT)

• Parameters:

  • public_keys (list) - A list of coincurve.PublicKey to add.
  • context (coincurve.Context)

• Returns: coincurve.PublicKey

format(compressed=True)

• Parameters:

  • compressed (bool)

• Returns: The public key serialized to bytes.

point()

• Returns: (x, y)

verify(signature, message, hasher=sha256)

Verifies some message was signed by the owner of this public key.

• Parameters:

  • signature (bytes) - The signature to verify.
  • message (bytes) - The message that was supposedly signed.
  • hasher - The hash function to use, can be None. hasher(message) must return 32 bytes.

• Returns: bool

add(scalar, update=False)

• Parameters:

  • scalar (bytes) - The scalar to add.
  • update (bool) - If True, will update and return self.

• Returns: coincurve.PublicKey

multiply(scalar, update=False)

• Parameters:

  • scalar (bytes) - The scalar to multiply.
  • update (bool) - If True, will update and return self.

• Returns: coincurve.PublicKey

combine(public_keys, update=False)

• Parameters:

  • public_keys (list) - A list of coincurve.PublicKey to add.
  • update (bool) - If True, will update and return self.

• Returns: coincurve.PublicKey

Coincurve is distributed under the terms of both

• Apache License, Version 2.0
• MIT License

at your option.

• Contributors of libsecp256k1.
• Contributors of secp256k1-py. While Coincurve is nearly a complete rewrite, much of the build system provided by ulope remains.

Important changes are emphasized.

• Support tox for testing
• Compatibility with latest libsecp256k1 ECDH API
• Make libgmp optional when building from source

• Fixed wheels for macOS
• Breaking: Drop support for 32-bit macOS

• No longer package tests

• New: Binary wheels for Python 3.7!
• Changed: Binary wheels on macOS for Python 3.5 now use Homebrew Python for compilation due to new security requirements
• Make build system support new GitHub & PyPI security requirements
• Improvements from libsecp256k1 master

View all history